Type Systems, Lecture 3
Nov. 3rd, 2004
Sebastian Maneth
http://lampwww.epfl.ch/teaching/typeSystems/2004

Today: … into the types …
1. A Type System for Arithmetic Expressions
2. Proving Type Safety
3. Simply Typed Lambda Calculus
4. Proving Type Safety
5. Conclusions
A Type System for Arithmetic Expressions

Syntax:
  Expr ::= true | false | zero
  Expr ::= if Expr then Expr else Expr
  Expr ::= succ (Expr)
  Expr ::= pred (Expr)
  Expr ::= isZero (Expr)

Values:
  Val  ::= true | false | NVal
  NVal ::= zero | succ NVal

"Stuck" terms: succ(true), isZero(false), if zero then true else false.
They cannot be rewritten, but they are not values: no semantics = execution error.

Type sound = all well-typed programs are free of execution errors.
⇒ find a type system for Expr, so that well-typed terms do NOT get stuck!
A Type System for Arithmetic Expressions

⇒ find a type system for Expr, so that well-typed terms do NOT get stuck!

The converse will NOT be true: if true then zero else false (likewise if true then zero else succ(true)) is not stuck (it evaluates to zero), but will not be well-typed!

  non-stuck (= free of execution errors)  ⊇  well-typed
  the difference is the "slack"  ⇒ keep the slack small!

Introduce two types Bool and Nat, representing Booleans and numbers.
Every Expr t will be of type Bool or Nat, or will have no type.
  t : Bool = "t has type Bool"

Typing rules (type system):

  true : Bool        false : Bool

  t1 : Bool    t2 : T    t3 : T
  -----------------------------
  if t1 then t2 else t3 : T
A Type System for Arithmetic Expressions

Typing rules:

  true : Bool        false : Bool        zero : Nat

  t1 : Bool    t2 : T    t3 : T
  -----------------------------
  if t1 then t2 else t3 : T

  t1 : Nat            t1 : Nat            t1 : Nat
  -------------       -------------       ----------------
  succ t1 : Nat       pred t1 : Nat       isZero t1 : Bool

Note: this type system is VERY simple.
⇒ it can be incorporated into the syntax definition (EBNF). Do you see how?
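One answer to "do you see how?", as an added example (not from the lecture): split the single nonterminal Expr into two, BoolExpr and NatExpr, so that the grammar itself only derives well-typed terms. Parsing then *is* type checking: a string that parses as a BoolExpr has type Bool, one that parses as a NatExpr has type Nat, and the stuck terms from the slides are simply syntax errors. The parser below is a hypothetical recursive-descent implementation of that split grammar; it assumes the parenthesised surface syntax succ(...), pred(...), isZero(...) from the Expr definition.

```python
import re

# Constructed token pattern for the surface syntax of the lecture's Expr language.
TOKEN = re.compile(r"\s*(true|false|zero|succ|pred|isZero|if|then|else|\(|\))")


def tokenize(text):
    """Split the input into keyword and parenthesis tokens; anything else is a syntax error."""
    text = text.strip()
    pos, out = 0, []
    while pos < len(text):
        m = TOKEN.match(text, pos)
        if not m:
            raise SyntaxError(f"bad input at {pos}: {text[pos:]!r}")
        out.append(m.group(1))
        pos = m.end()
    return out


class TypedParser:
    """Recursive-descent parser for the EBNF with Expr split into two nonterminals:

        BoolExpr ::= true | false | isZero ( NatExpr )
                   | if BoolExpr then BoolExpr else BoolExpr
        NatExpr  ::= zero | succ ( NatExpr ) | pred ( NatExpr )
                   | if BoolExpr then NatExpr else NatExpr

    The two 'if' productions encode the typing rule: the condition must be a
    BoolExpr and both branches must come from the *same* nonterminal.
    """

    def __init__(self, text):
        self.toks = tokenize(text)
        self.i = 0

    def peek(self):
        return self.toks[self.i] if self.i < len(self.toks) else None

    def eat(self, tok):
        if self.peek() != tok:
            raise SyntaxError(f"expected {tok!r}, got {self.peek()!r}")
        self.i += 1

    def bool_expr(self):
        tok = self.peek()
        if tok in ("true", "false"):
            self.eat(tok)
            return tok
        if tok == "isZero":
            self.eat(tok); self.eat("("); n = self.nat_expr(); self.eat(")")
            return f"isZero({n})"
        if tok == "if":
            return self.if_expr(self.bool_expr)
        raise SyntaxError(f"not a BoolExpr: {tok!r}")

    def nat_expr(self):
        tok = self.peek()
        if tok == "zero":
            self.eat(tok)
            return tok
        if tok in ("succ", "pred"):
            self.eat(tok); self.eat("("); n = self.nat_expr(); self.eat(")")
            return f"{tok}({n})"
        if tok == "if":
            return self.if_expr(self.nat_expr)
        raise SyntaxError(f"not a NatExpr: {tok!r}")

    def if_expr(self, branch):
        # 'branch' is the nonterminal both branches must belong to.
        self.eat("if"); c = self.bool_expr()
        self.eat("then"); a = branch()
        self.eat("else"); b = branch()
        return f"if {c} then {a} else {b}"


def type_by_grammar(text):
    """Return "Bool" or "Nat" when the text is derivable from BoolExpr or NatExpr,
    and None when it is derivable from neither (i.e. the term has no type)."""
    for ty, start in (("Bool", "bool_expr"), ("Nat", "nat_expr")):
        p = TypedParser(text)
        try:
            getattr(p, start)()
            if p.peek() is None:      # whole input consumed
                return ty
        except SyntaxError:
            pass
    return None


if __name__ == "__main__":
    for s in ["if isZero(zero) then zero else pred(zero)",   # derivation on the slides
              "succ(true)", "isZero(false)",                  # stuck terms
              "if true then zero else false"]:                # the "slack" example
        print(f"{s!r:45} -> {type_by_grammar(s)}")
```

Because the grammar is unambiguous between the two start symbols, a term is derivable from at most one of them, which is the grammar-level counterpart of the uniqueness-of-types theorem later in the lecture.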
A Type System for Arithmetic Expressions

Typing rules:

  true : Bool        false : Bool        zero : Nat

  t1 : Bool    t2 : T    t3 : T
  -----------------------------
  if t1 then t2 else t3 : T

  t1 : Nat            t1 : Nat            t1 : Nat
  -------------       -------------       ----------------
  succ t1 : Nat       pred t1 : Nat       isZero t1 : Bool

Typing derivation for  if isZero zero then zero else pred zero :

  zero : Nat                                   (rule for zero)
  isZero zero : Bool                           (rule for isZero, from zero : Nat)
  zero : Nat                                   (rule for zero)
  zero : Nat                                   (rule for zero)
  pred zero : Nat                              (rule for pred, from zero : Nat)
  if isZero zero then zero else pred zero : Nat   (rule for if, from isZero zero : Bool, zero : Nat, pred zero : Nat)
A Type System for Arithmetic Expressions

How to find a typing derivation?
⇒ assume the Expr has some type R; then determine backwards the required types of the subexpressions, and check them!

INVERSION LEMMA
1. If true : R or false : R, then R = Bool.
2. If zero : R, then R = Nat.
3. If if t1 then t2 else t3 : R, then t1 : Bool, t2 : R, and t3 : R   (must be the same R!!)
4. If succ t1 : R or pred t1 : R, then R = Nat and t1 : Nat.
5. If isZero t1 : R, then R = Bool and t1 : Nat.

Theorem: Every term has at most one type (with unique derivation).
Proof by induction, using INV.L.
What you will learn in this course:
• how to define a type system T (to allow for unambiguous implementations)
• how to formally prove that (P, T) is type sound = type safe
• how to implement a typechecker for T
Proving Type Safety

"well-typed terms do not go wrong"

Safety = Progress + Preservation
  Progress     = a well-typed term is NOT stuck
  Preservation = evaluation preserves well-typedness

  well-typed  ⇒ (Progress)  NOT stuck, i.e. either a value or we can evaluate
              ⇒ (Preservation)  the result is well-typed
Proving Type Safety

Progress Theorem: If t is well-typed, then it is either a value or there exists a t' such that t → t'.

Observations:
(1) if t : Bool is a value, then t = true or t = false
(2) if t : Nat is a value, then t = succ(… succ(zero) …)  (with ≥ 0 applications of succ)

Proof. Induction on t.

t = true | false | zero  ⇒ immediate.

t = if t1 then t2 else t3 : R, then t1 : Bool, t2 : R, and t3 : R (INV.L.)
• t1 is a value. By (1), t1 = true or t1 = false. Thus, t can evaluate to a t' (= t2 or t3)!
• t1 is NOT a value. By induction ∃ t1' with t1 → t1'. Thus, t can evaluate to a t' (= if t1' then t2 else t3)!

t = succ t1. By induction, t1 is a value or t1 → t1'. By INV.L., t1 : Nat.
• t1 is a value. By (2), t1 = succ(… zero …). Hence, t is also a value!
• t1 is NOT a value. Then t can evaluate to a t' (= succ t1').

t = pred t1. By induction, t1 is a value or t1 → t1'. By INV.L., t1 : Nat.
• t1 is a value. By (2), t1 = succ(… zero …). Thus, t can evaluate!
• t1 is NOT a value. Then t can evaluate to a t' (= pred t1').

t = isZero t1. By induction, t1 is a value or t1 → t1'. By INV.L., t1 : Nat.
• t1 is a value. By (2), t1 = succ(… zero …). Thus, t can evaluate!
• t1 is NOT a value. Then t can evaluate to a t' (= isZero t1').
Proving Type Safety

Preservation Theorem: If t : T and t → t', then t' : T.

t = if t1 then t2 else t3 : R, then t1 : Bool, t2 : R, and t3 : R (INV.L.)
t' is one of
  • t2                         : R
  • t3                         : R
  • if t1' then t2 else t3, where t1 → t1'.  By induction, t1' : Bool.

THUS, t' : R.
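The inversion lemma, the progress theorem and the preservation theorem above can all be exercised on a machine. The following is an added example, not code from the lecture or the course: an AST for Expr, a small-step evaluator, a type checker whose cases are the clauses of the inversion lemma, and a driver that runs a well-typed term to its normal form while checking progress (never stuck) and preservation (same type after every step). The evaluation rules are assumed to be the standard ones for this language (pred zero → zero, pred (succ nv) → nv, isZero zero → true, isZero (succ nv) → false, plus congruence rules); the lecture states only the typing rules.

```python
from dataclasses import dataclass
from typing import Optional, Union


# ---- terms (Expr) as an AST; constructed for this example ----
@dataclass(frozen=True)
class TTrue: ...
@dataclass(frozen=True)
class TFalse: ...
@dataclass(frozen=True)
class Zero: ...
@dataclass(frozen=True)
class Succ:
    t: "Term"
@dataclass(frozen=True)
class Pred:
    t: "Term"
@dataclass(frozen=True)
class IsZero:
    t: "Term"
@dataclass(frozen=True)
class If:
    c: "Term"
    a: "Term"
    b: "Term"

Term = Union[TTrue, TFalse, Zero, Succ, Pred, IsZero, If]
BOOL, NAT = "Bool", "Nat"


def is_numeric_value(t) -> bool:
    """NVal ::= zero | succ NVal"""
    return isinstance(t, Zero) or (isinstance(t, Succ) and is_numeric_value(t.t))


def is_value(t) -> bool:
    """Val ::= true | false | NVal"""
    return isinstance(t, (TTrue, TFalse)) or is_numeric_value(t)


def step(t) -> Optional[Term]:
    """One small-step reduction t -> t'. Returns None when t does not reduce,
    which happens both for values and for stuck terms."""
    if isinstance(t, If):
        if isinstance(t.c, TTrue):
            return t.a
        if isinstance(t.c, TFalse):
            return t.b
        c2 = step(t.c)
        return If(c2, t.a, t.b) if c2 is not None else None
    if isinstance(t, Succ):
        t2 = step(t.t)
        return Succ(t2) if t2 is not None else None
    if isinstance(t, Pred):
        if isinstance(t.t, Zero):
            return Zero()
        if isinstance(t.t, Succ) and is_numeric_value(t.t.t):
            return t.t.t
        t2 = step(t.t)
        return Pred(t2) if t2 is not None else None
    if isinstance(t, IsZero):
        if isinstance(t.t, Zero):
            return TTrue()
        if isinstance(t.t, Succ) and is_numeric_value(t.t.t):
            return TFalse()
        t2 = step(t.t)
        return IsZero(t2) if t2 is not None else None
    return None  # true, false, zero: already values


def is_stuck(t) -> bool:
    """Stuck = not a value and no evaluation step applies (an execution error)."""
    return not is_value(t) and step(t) is None


def type_of(t) -> Optional[str]:
    """Type checker. Each branch is one clause of the inversion lemma: guess the
    result type, then check the subterms backwards. None means 'has no type'."""
    if isinstance(t, (TTrue, TFalse)):
        return BOOL
    if isinstance(t, Zero):
        return NAT
    if isinstance(t, (Succ, Pred)):
        return NAT if type_of(t.t) == NAT else None
    if isinstance(t, IsZero):
        return BOOL if type_of(t.t) == NAT else None
    if isinstance(t, If):
        tc, ta, tb = type_of(t.c), type_of(t.a), type_of(t.b)
        # condition must be Bool and both branches must have the SAME type R
        return ta if tc == BOOL and ta is not None and ta == tb else None
    return None


def evaluate_checking_safety(t, limit=10_000):
    """Run a well-typed term to normal form, asserting progress before every step
    and preservation after it. Returns (normal form, type)."""
    ty = type_of(t)
    assert ty is not None, "refusing to run a term that has no type"
    for _ in range(limit):
        assert not is_stuck(t)          # progress: well-typed terms are not stuck
        nxt = step(t)
        if nxt is None:
            return t, ty                # t is a value
        assert type_of(nxt) == ty       # preservation: the type survives the step
        t = nxt
    raise RuntimeError("no normal form within step limit")


if __name__ == "__main__":
    good = If(IsZero(Zero()), Zero(), Pred(Zero()))   # derivation from the slides
    print("well-typed:", type_of(good), evaluate_checking_safety(good))
    slack = If(TTrue(), Zero(), TFalse())             # not stuck, but has no type
    print("slack:", type_of(slack), "steps to", step(slack))
    print("stuck succ(true):", is_stuck(Succ(TTrue())), "type:", type_of(Succ(TTrue())))
```

The slack example from the slides is visible directly: `type_of` rejects `if true then zero else false`, yet `step` happily reduces it to `zero`. The three stuck terms from the first slide are all rejected by `type_of`, which is what the progress theorem promises; `evaluate_checking_safety` turns the two theorems into runtime assertions so that a counterexample to either would surface as a failed assertion rather than silently as an execution error.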